XStream Multiple High-Risk Vulnerabilities Threat Alert
outubro 15, 2021
Overview Recently, NSFOCUS found that XStream released security advisories disclosing 14 security vulnerabilities in its products. An attacker could exploit these vulnerabilities to conduct a DoS, server-side request forgery (SSRF), or remote code execution (RCE) attack. XStream is a tool to serialize Java objects to XML and back again. When serializing JavaBeans or deserializing XML […]
XStream Multiple High-Risk Vulnerabilities Threat Alert
março 25, 2021
Vulnerability Description Recently, NSFOCUS detected that XStream released security advisories disclosing 11 security vulnerabilities in its products. An attacker could exploit these vulnerabilities to conduct DoS and SSRF attacks, delete arbitrary files, and lead to arbitrary RCE. XStream is a tool for converting between Java objects and XML. When serializing JavaBeans or deserializing XML files, […]
